hugo/AiThingy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: hugo:fixLoginSignup
Branches Tags
hugo:main hugo:UpdatePermissionsChecking hugo:fixLoginSignup
...
compare: hugo:1abb1b5106373bac035eb20e324257c99de77a3a
Branches Tags
hugo:main hugo:UpdatePermissionsChecking hugo:fixLoginSignup

8 Commits
fixLoginSi ... 1abb1b5106

Author SHA1 Message Date
Hugo H
1abb1b5106 Added chat page 2025-09-13 20:22:09 +01:00
Hugo H
49d924be20 Added basic AI generation endpoint 2025-09-13 19:53:41 +01:00
Hugo H
0be88678df Use headers instead of body for token 
Now the endpoints follow HTTP rules in GET requests
 2025-09-13 19:50:01 +01:00
Hugo H
dea4b79014 Fix APIs and intergrate chat permission checking 2025-09-03 10:33:23 +01:00
Hugo H
694947f225 Fixed chat permissions lookup function 2025-09-02 19:55:24 +01:00
Hugo H
08cc5dd165 Added chat list endpoint 
Returns all chats that are associated with a user
 2025-09-02 17:45:44 +01:00
Hugo H
ef577c11f7 Added function to check permissions on specific chat. 
The checkChatPermission function checks if a use is allowed to perform an action in a chat
 2025-09-02 17:30:14 +01:00
Hugo H
89f9b6d270 Moved permissions checking to a function 
Permissions checking now happens in another function, code is now much cleaner
 2025-08-31 11:22:41 +01:00
2 changed files with 224 additions and 91 deletions
Expand all files Collapse all files

243
main.py
View File

@@ -1,6 +1,8 @@
from flask import Flask, jsonify, request, render_template from flask import Flask, jsonify, request, render_template, Response
from flask_cors import CORS, cross_origin
from pymongo import MongoClient from pymongo import MongoClient
from bson.objectid import ObjectId from bson.objectid import ObjectId
from bson.json_util import dumps, loads
from datetime import datetime from datetime import datetime
from argon2 import PasswordHasher from argon2 import PasswordHasher
import random import random
@@ -8,6 +10,7 @@ import string
import json import json
import requests import requests
from urllib.parse import parse_qs from urllib.parse import parse_qs
from ollama import chat
with open("config/settings.json", "r") as f: with open("config/settings.json", "r") as f:
settings = json.load(f) settings = json.load(f)
@@ -43,16 +46,11 @@ except Exception as e:
print("Error connecting to MongoDB:", e) print("Error connecting to MongoDB:", e)
app = Flask(__name__) app = Flask(__name__)
CORS(app)
# Chat Details Endpoint: def checkUserPermission(token, permission):
# Get or change details about a chat using the chatId
# Arguments: token (required), details (required), model, name
@app.route('/api/chat/<_id>/details', methods = ['GET', 'POST'])
def getChatHistory(_id):
# Get user auth token
token = request.json['token']
# Find the correct user token in user db # Find the correct user token in user db
user = usersCollection.find_one({'tokens.token': token}, {"_id":1,"tokens":{"$elemMatch": {"token":token}}}) user = usersCollection.find_one({'tokens.token': token}, {"_id":1,"tokens":{"$elemMatch": {"token":token}}, "permissions":1})
# If the user exists, continue, otherwise return fail # If the user exists, continue, otherwise return fail
if (user): if (user):
# Convert _id to a string, python doesn't like ObjectId() # Convert _id to a string, python doesn't like ObjectId()
@@ -61,44 +59,127 @@ def getChatHistory(_id):
if (user['tokens'][0]['expiry'] > int(datetime.now().timestamp())): if (user['tokens'][0]['expiry'] > int(datetime.now().timestamp())):
# Store the userId # Store the userId
userId = user['_id'] userId = user['_id']
print(userId) if permission in user["permissions"]:
# Get the request details return True, userId
details = request.json['details'] elif (permission == True):
# If the user is trying to GET data return True, userId
if (request.method == 'GET'):
# Get the chat from the chatId
returnedChat = chatCollection.find_one({'_id': ObjectId(_id)})
# Convert chatId into string
returnedChat['_id'] = str(returnedChat['_id'])
try:
returnedChat["permissions"][userId].index("view")
print("Chat " + _id + " has been found with token " + token)
# Check for detail type and return correct value from db
if (details == "history"):
return jsonify(returnedChat["messages"])
elif (details == "users"):
return jsonify(returnedChat["permissions"])
elif (details == "model"):
return jsonify(returnedChat["model"])
elif (details == "name"):
return jsonify(returnedChat["name"])
except:
return jsonify("Invalid Permissions")
else: else:
try: return False, "Incorrect permissions"
returnedChat["permissions"][userId].index("edit")
# Check for the detail type and add data to db
if (details == "model"):
model = request.json['model']
chatCollection.update_one({'_id': ObjectId(_id)}, { "$set": { "model": model } })
if (details == "name"):
name = request.json['name']
chatCollection.update_one({'_id': ObjectId(_id)}, { "$set": { "name": name } })
return jsonify("Success")
except:
return jsonify("Invalid Permissions")
else: else:
return jsonify("User token is invalid") return False, "Token is expired"
else:
return False, "Token doesn't exist"
def checkChatPermission(token, chatId, permission):
a, userId = checkUserPermission(token, True)
if (a == True):
# Get the chat from the chatId
returnedChat = chatCollection.find_one({'_id': ObjectId(chatId)})
# Convert chatId into string
returnedChat['_id'] = str(returnedChat['_id'])
if permission in returnedChat['permissions'][userId]:
return True, userId
elif (permission == True):
return True, userId
else:
return False, "Incorrect permissions"
else:
return False, "Invalid Token"
# Message Generation Endpoint
# Generate a new message on a specific chat
# Arguments: token (required), chatId (required), message
@app.route('/api/chat/<_id>/generate', methods =['POST'])
@cross_origin()
def generateMessage(_id):
# Get user auth token
token = request.headers['token']
a, userId = checkChatPermission(token, _id, "view")
if (a == True):
returnedChat = chatCollection.find_one({'_id': ObjectId(_id)})
message = request.json['message']
messages = returnedChat['messages']
messages.append({'role':'user', 'content':message})
stream = chat(
model=returnedChat['model'],
messages=messages,
stream=True
)
def generateStream():
response = ""
for chunk in stream:
print(chunk['message']['content'], end='', flush=True)
content = chunk['message']['content']
response += content
json_data = {"response": response}
yield f"data: {json.dumps(json_data)}\n\n"
return Response(generateStream(), mimetype='text/event-stream')
else:
return userId
# Chat List Endpoint:
# Get all the chats associated with a user
# Arguments: token (required)
@app.route('/api/user/chats', methods = ['GET'])
def getUserChats():
# Get user auth token
token = request.headers['token']
a, userId = checkUserPermission(token, True)
if (a == True):
returnedChats = list(chatCollection.find({'permissions.' + userId : "view"}))
chats = []
for doc in returnedChats:
if '_id' in doc and isinstance(doc['_id'], ObjectId):
doc['_id'] = str(doc['_id'])
chats.append(doc)
jsonChats = json.dumps(chats, indent=2)
return jsonChats
# Chat Details Endpoint:
# Get or change details about a chat using the chatId
# Arguments: token (required), details (required), model, name
@app.route('/api/chat/<_id>/details/<details>', methods = ['GET', 'POST'])
def getChatHistory(_id, details):
# Get user auth token
token = request.headers['token']
a, userId = checkChatPermission(token, _id, True)
if (a == True):
# If the user is trying to GET data
if (request.method == 'GET'):
# Get the chat from the chatId
returnedChat = chatCollection.find_one({'_id': ObjectId(_id)})
# Convert chatId into string
returnedChat['_id'] = str(returnedChat['_id'])
# Get chat permissions
a, userId = checkChatPermission(token, _id, "view")
if (a == True):
print("Chat " + _id + " has been found with token " + token)
# Check for detail type and return correct value from db
if (details == "history"):
return jsonify(returnedChat["messages"])
elif (details == "users"):
return jsonify(returnedChat["permissions"])
elif (details == "model"):
return jsonify(returnedChat["model"])
elif (details == "name"):
return jsonify(returnedChat["name"])
else:
return jsonify("Invalid Permissions")
else:
a, userId = checkChatPermission(token, _id, "view")
if (a == True):
# Check for the detail type and add data to db
if (details == "model"):
model = request.json['model']
chatCollection.update_one({'_id': ObjectId(_id)}, { "$set": { "model": model } })
if (details == "name"):
name = request.json['name']
chatCollection.update_one({'_id': ObjectId(_id)}, { "$set": { "name": name } })
return jsonify("Success")
else:
return jsonify("Invalid Permissions")
else: else:
return jsonify("User token is invalid") return jsonify("User token is invalid")
@@ -108,45 +189,29 @@ def getChatHistory(_id):
@app.route('/api/chat/create', methods = ['POST']) @app.route('/api/chat/create', methods = ['POST'])
def createChat(): def createChat():
# Get user auth token # Get user auth token
token = request.json['token'] token = request.headers['token']
# Find the correct user token in user db a, userId = checkUserPermission(token, "createChat")
user = usersCollection.find_one({'tokens.token': token}, {"_id":1,"tokens":{"$elemMatch": {"token":token}}}) if (a == True):
# If the user exists, continue, otherwise return fail name = request.json['name']
if (user): model = request.json['model']
# Convert _id to a string, python doesn't like ObjectId() chatCollection.insert_one(
user['_id'] = str(user['_id']) {
# Check if the token expiry is after the current date (Using unix timestamp, other mongodb Date datatype is a pain to use in python) "name":name,
if (user['tokens'][0]['expiry'] > int(datetime.now().timestamp())): "model":model,
# Store the userId "permissions": {
userId = user['_id'] userId:[
print(user) "owner",
print(user['permissions']) "view",
if ("createChat" in user['permissions']): "message",
print(userId) "edit"
name = request.json['name'] ]
model = request.json['model'] },
chatCollection.insert_one( "messages": [
{
"name":name, ]
"model":model, }
"permissions": { )
userId:[ return jsonify("Success")
"owner",
"view",
"message",
"edit"
]
},
"messages": [
]
}
)
return jsonify("Success")
else:
return jsonify("Incorrect permissions")
else:
return jsonify("User token is invalid")
else: else:
return jsonify("User token is invalid") return jsonify("User token is invalid")
@@ -167,13 +232,9 @@ def index():
if (token == 'none'): if (token == 'none'):
return render_template('login.html', appName=appName, githubUrl=github_auth_endpoint, githublogin=settings["github_oauth"]["enabled"], oauthlogin=settings["oauth_login"]) return render_template('login.html', appName=appName, githubUrl=github_auth_endpoint, githublogin=settings["github_oauth"]["enabled"], oauthlogin=settings["oauth_login"])
else: else:
user = usersCollection.find_one({'tokens.token': token}, {"_id":1,"tokens":{"$elemMatch": {"token":token}}}) a, userId = checkUserPermission(token, True)
if (user): if (a == True):
user['_id'] = str(user['_id'])
if (user['tokens'][0]['expiry'] > int(datetime.now().timestamp())):
return render_template('home.html', appName=appName) return render_template('home.html', appName=appName)
else:
render_template('logout.html', appName=appName)
else: else:
render_template('logout.html', appName=appName) render_template('logout.html', appName=appName)
@@ -363,7 +424,7 @@ def handleSignup():
def logout(): def logout():
token = request.cookies.get('auth_token', 'none') token = request.cookies.get('auth_token', 'none')
try: try:
token = request.json['remove_token'] token = request.headers['remove-token']
except: except:
pass pass
user = usersCollection.update_one({'tokens.token': token}, {"$pull":{'tokens':{'token':token}}}) user = usersCollection.update_one({'tokens.token': token}, {"$pull":{'tokens':{'token':token}}})

72
templates/chattest.html Normal file
View File

@@ -0,0 +1,72 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Streaming Response</title>
</head>
<body>
<div class="container">
<h1>AiThingy</h1>
<p>Enter a message, chatId, and auth token below:</p>
<input placeholder="Message" id="message"></input>
<input placeholder="ChatId" id="chatid"></input>
<input placeholder="Token" id="token"></input>
<button onclick="startStreaming()">Send Message</button>
<br>
<textarea id="response-output" readonly placeholder="Waiting for streaming data..."></textarea>
</div>
<script>
async function startStreaming() {
const outputArea = document.getElementById('response-output');
outputArea.value = 'Connecting to endpoint...\n';
const chatId = document.getElementById("chatid").value;
const endpointUrl = 'http://127.0.0.1:5000/api/chat/' + chatId + '/generate';
const postData = {
"message": document.getElementById("message").value
};
try {
const response = await fetch(endpointUrl, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'token': document.getElementById("token").value
},
body: JSON.stringify(postData)
});
if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
}
const reader = response.body.getReader();
const decoder = new TextDecoder('utf-8');
let receivedChunks = '';
while (true) {
const { done, value } = await reader.read();
if (done) {
break;
}
const chunk = decoder.decode(value, { stream: true });
const jsonString = chunk.substring(6);
const data = JSON.parse(jsonString);
outputArea.value = data["response"];
}
} catch (error) {
console.error('An error has occurred:', error);
outputArea.value += `\n\n--- An error has occurred: ${error.message} ---`;
}
}
</script>
</body>
</html>